[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 31 21:31:17 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3ad2b7d8 by Salvatore Bonaccorso at 2022-03-31T22:30:51+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4031,7 +4031,7 @@ CVE-2022-25996
 CVE-2022-25987
 	RESERVED
 CVE-2022-25915 (Improper access control vulnerability in ELECOM LAN routers (WRC-1167G ...)
-	TODO: check
+	NOT-FOR-US: ELECOM LAN routers
 CVE-2022-25905
 	RESERVED
 CVE-2022-0910
@@ -4684,9 +4684,9 @@ CVE-2022-26521 (Abantecart through 1.3.2 allows remote authenticated administrat
 CVE-2022-0872
 	RESERVED
 CVE-2022-26019 (Improper access control vulnerability in pfSense CE and pfSense Plus ( ...)
-	TODO: check
+	NOT-FOR-US: pfSense
 CVE-2022-24299 (Improper input validation vulnerability in pfSense CE and pfSense Plus ...)
-	TODO: check
+	NOT-FOR-US: pfSense
 CVE-2022-0871 (Improper Authorization in GitHub repository gogs/gogs prior to 0.12.5. ...)
 	NOT-FOR-US: Go Git Service
 CVE-2022-0870 (Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prio ...)
@@ -7854,7 +7854,7 @@ CVE-2022-25326 (fscrypt through v0.3.2 creates a world-writable directory by def
 	NOTE: https://www.openwall.com/lists/oss-security/2022/02/24/1
 	NOTE: https://github.com/google/fscrypt/commit/6e355131670ad014e45f879475ddf800f0080d41
 CVE-2022-23183 (Missing authorization vulnerability in Advanced Custom Fields versions ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-21179 (Cross-site request forgery (CSRF) vulnerability in EC-CUBE plugin 'Mai ...)
 	NOT-FOR-US: EC-CUBE
 CVE-2022-0683 (The Essential Addons for Elementor Lite WordPress plugin is vulnerable ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ad2b7d8032d0db9e64d49a2cf0adb4b487cced2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ad2b7d8032d0db9e64d49a2cf0adb4b487cced2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220331/312a0139/attachment.htm>

More information about the debian-security-tracker-commits mailing list